You are here

Agreguesi i feed

Paul Wise: FLOSS Activities November 2018

Planet Debian - Pre, 30/11/2018 - 10:03md
Changes Issues Review Administration
  • myrepos: respond to some tickets
  • Debian: respond to porterbox schroot query, remove obsolete role accounts, restart misbehaving webserver, redirect openmainframe mail to debian-s390, respond to query about consequences of closing accounts
  • Debian wiki: unblacklist networks, redirect/answer user support query, answer question about page names, whitelist email addresses
  • Debian packages site: update mirror config
  • Debian derivatives census: merge and deploy changes from Outreachy applicants and others
Sponsors

The purple-discord upload was sponsored by my employer. All other work was done on a volunteer basis.

Chris Lamb: Free software activities in November 2018

Planet Debian - Pre, 30/11/2018 - 9:23md

Here is my monthly update covering what I have been doing in the free software world during November 2018 (previous month):

Reproducible builds

Whilst anyone can inspect the source code of free software for malicious flaws almost all software is distributed pre-compiled to end users.

The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

This month I:


Debian Debian LTS

This month I have worked 18 hours on Debian Long Term Support (LTS) and 12 hours on its sister Extended LTS project.

  • Investigated and triaged golang-go.net-dev, libsdl2-image, lighttpd, nginx, pdns, poppler, rustc & xml-security-c amongst many others.

  • "Frontdesk" duties, responding to user queries, etc.

  • Issued DLA 1572-1 for nginx to fix a denial of service (DoS) vulnerability — as there was no validation for the size of a 64-bit atom in an .mp4 file this led to CPU exhaustion when the size was zero.

  • Issued DLA 1576-1 correcting a SSH passphrase disclosure in ansible's User module leaking data in the global process list.

  • Issued DLA 1584-1 for ruby-i18n to fix a remote denial-of-service vulnerability.

  • Issued DLA 1585-1 to prevent an XSS vulnerability in ruby-rack where a malicious request could forge the HTTP scheme being returned to the underlying application.

  • Issued DLA 1591-1 to fix two vulnerabilities in libphp-phpmailer where a arbitrary local files could be disclosed via relative path HTML transformations as well as an object injection attack.

  • Uploaded libsdl2-image (2.0.3+dfsg1-3) and sdl-image1.2 (1.2.12-10) to the unstable distribution to fix buffer overflows on a corrupt or maliciously-crafted XCF files. (#912617 & #912618)

  • Uploaded ruby-i18n (0.7.0-3) to unstable [...] and prepared a stable proposed update for a potential 0.7.0-2+deb9u1 in stretch (#914187).

  • Uploaded ruby-rack (1.6.4-6) to unstable [...] and (2.0.5-2) to experimental [...]. I also prepared a proposed update for a 1.6.4-4+deb9u1 in the stable distribution (#914184).


Uploads
  • python-django (2:2.1.3-1) — New upstream bugfix release.

  • redis:

    • 5.0.1-1 — New upstream release, ensure that Debian-supplied Lua libraries are available during scripting. (#913185), refer to /run directly in .service files, etc.
    • 5.0.1-2 — Ensure that lack of IPv6 support does not prevent startup Debian where we bind to the ::1 interface by default. (#900284 & #914354)
    • 5.0.2-1 — New upstream release.
  • redisearch (1.2.1-1) — Upload the last AGPLv3 (ie. non-Commons Clause)) package from my GoodFORM project.

  • hiredis (0.14.0-3) — Adopt and tidy package (#911732).

  • python-redis (3.0.1-1) — New upstream release.

  • adminer (4.7.0-1) — New upstream release & ensure all documentation is under /usr/share/doc.


I also sponsored uploads of elpy (1.26.0-1) & muttrc-mode-el (1.2+git20180915.aa1601a-1).


Debian bugs filed
  • molly-guard: Breaks conversion with usrmerge. (#914716)

  • git-buildpackage: Please add gbp-dch --stable flag. (#914186)

  • git-buildpackage: gbp pq -Pq suffixes are not actually optional. (#914281)

  • python-redis: Autopkgtests fail. (#914800)

  • git-buildpackage: Correct "saving" typo. (#914280)

  • python-astropy: Please drop unnecessary dh_strip_nondeterminism override. (#914612)

  • shared-mime-info: Don't assume every *.key file is an Apple Keynote file. (#913550, with patch)

FTP Team


As a Debian FTP assistant this month I ACCEPTed 37 packages: android-platform-system-core, arm-trusted-firmware, boost-defaults, dtl, elogind, fonts-ibm-plex, gnome-remote-desktop, gnome-shell-extension-desktop-icons, google-i18n-address, haskell-haskell-gi-base, haskell-rio, lepton-eda, libatteanx-serializer-rdfa-perl, librdf-trine-serializer-rdfa-perl, librdf-trinex-compatibility-attean-perl, libre-engine-re2-perl, libtest-regexp-pattern-perl, linux, lua-lxc, lxc-templates, ndctl, openssh, osmo-bsc, osmo-sgsn, othman, pg-rational, qtdatavis3d-everywhere-src, ruby-grape-path-helpers, ruby-grape-route-helpers, ruby-graphiql-rails, ruby-js-regex, ruby-regexp-parser, shellia, simple-revision-control, theme-d, ulfius & vim-julia.

Gregor Herrmann: RC bugs 2018/01-48

Planet Debian - Pre, 30/11/2018 - 8:12md

I just arrived at the Bug Squashing Party in bern. – a good opportunity to report the RC bugs I've touched so far this year (not that many …):

  • #750732 – src:libanyevent-perl: "libanyevent-perl: Intermittent build failures on various architectures"
    disable a test (pkg-perl)
  • #862678 – src:pidgin: "Switch from network-manager-dev to libnm-dev"
    propose patch, later uploaded by maintainer
  • #878550 – src:liblog-dispatch-filerotate-perl: "liblog-dispatch-filerotate-perl: missing (build) dependency on libparams-validate-perl"
    add missing (build) dependency, upload to DELAYED/5
  • #882618 – libdbix-class-schema-loader-perl: "libdbix-class-schema-loader-perl: Test failures"
    apply patch from ntyni (pkg-perl)
  • #884626 – src:liblinux-dvb-perl: "liblinux-dvb-perl FTBFS with linux-libc-dev 4.14.2-1"
    upload with fix from knowledgejunkie (pkg-perl)
  • #886044 – src:syncmaildir: "syncmaildir: Depends on gconf"
    propose a patch
  • #886355 – src:libpar-packer-perl: "libpar-packer-perl: frequent parallel FTBFS"
    disable parallel building (pkg-perl)
  • #890905 – src:jabref: "jabref: doesn't build/run with default-jdk/-jre"
    try to come up with a patch (pkg-java)
  • #892275 – redshift: "redshift: Unable to connect to GeoClue."
    investigate and downgrade
  • #892392 – src:aqemu: "aqemu: build-depends on GCC 6"
    propose a patch
  • #893251 – jabref: "jabref: doesn't start with liblog4j2-java 2.10.0-1"
    use versioned (build) dependency (pkg-java)
  • #894626 – libsnmp-perl: "libsnmp-perl: undefined symbol: netsnmp_ds_toggle_boolean"
    propose a patch
  • #894727 – libgit-repository-perl: "libgit-repository-perl: FTBFS: t/10-new_fail.t broke with new git"
    add patch from upstream pull request (pkg-perl)
  • #895697 – src:libconfig-model-tester-perl: "libconfig-model-tester-perl FTBFS: Can't locate Module/Build.pm in @INC"
    add missing build dependency (pkg-perl)
  • #896502 – libxml-structured-perl: "libxml-structured-perl: missing dependency on libxml-parser-perl"
    add missing (build) dependency (pkg-perl)
  • #896534 – libnetapp-perl: "libnetapp-perl: missing dependency on libnet-telnet-perl"
    add missing dependency (pkg-perl)
  • #896537 – libmoosex-mungehas-perl: "libmoosex-mungehas-perl: missing dependency on libtype-tiny-perl | libeval-closure-perl"
    add missing dependency (pkg-perl)
  • #896538 – libmonitoring-livestatus-class-perl: "libmonitoring-livestatus-class-perl: missing dependency on libmodule-find-perl"
    add missing dependency, upload to DELAYED/5
  • #896539 – libmodule-install-trustmetayml-perl: "libmodule-install-trustmetayml-perl: missing dependency on libmodule-install-perl"
    add missing (build) dependency (pkg-perl)
  • #896540 – libmodule-install-extratests-perl: "libmodule-install-extratests-perl: missing dependency on libmodule-install-perl"
    add missing (build) dependency (pkg-perl)
  • #896541 – libmodule-install-automanifest-perl: "libmodule-install-automanifest-perl: missing dependency on libmodule-install-perl"
    add missing (build) dependency (pkg-perl)
  • #896543 – liblwp-authen-negotiate-perl: "liblwp-authen-negotiate-perl: missing dependency on libwww-perl"
    add missing dependency, upload to DELAYED/5
  • #896549 – libhtml-popuptreeselect-perl: "libhtml-popuptreeselect-perl: missing dependency on libhtml-template-perl"
    add missing dependency, upload to DELAYED/5
  • #896551 – libgstreamer1-perl: "libgstreamer1-perl: Typelib file for namespace 'Gst', version '1.0' not found"
    add missing (build) dependencies (pkg-perl)
  • #897724 – src:collectd: "collectd: ftbfs with GCC-8"
    pass a compiler flag, upload to DELAYED/5
  • #898198 – src:libnet-oauth-perl: "FTBFS (test failures, also seen in autopkgtests) with libcrypt-openssl-rsa-perl >= 0.30-1"
    add patch (pkg-perl)
  • #898561 – src:libmarc-transform-perl: "libmarc-transform-perl: FTBFS with libyaml-perl >= 1.25-1 (test failures)"
    apply patch provided by YAML upstream (pkg-perl)
  • #898977 – libnet-dns-zonefile-fast-perl: "libnet-dns-zonefile-fast-perl: FTBFS: You are missing required modules for NSEC3 support"
    add missing (build) dependency (pkg-perl)
  • #900232 – src:collectd: "collectd: FTBFS: sed: can't read /usr/lib/pkgconfig/OpenIPMIpthread.pc: No such file or directory"
    propose a patch, later upload to DELAYED/2
  • #901087 – src:libcatalyst-plugin-session-store-dbi-perl: "libcatalyst-plugin-session-store-dbi-perl: FTBFS: Base class package "Class::Data::Inheritable" is empty."
    add missing (build) dependency (pkg-perl)
  • #901807 – src:libmath-gsl-perl: "libmath-gsl-perl: incompatible with GSL >= 2.5"
    apply patches from ntyni and tweak build (pkg-perl)
  • #902192 – src:libpdl-ccs-perl: "libpdl-ccs-perl FTBFS on architectures where char is unsigned"
    new upstream release (pkg-perl)
  • #902625 – libmath-gsl-perl: "libmath-gsl-perl: needs a versioned dependency on libgsl23 (>= 2.5) or so"
    make build dependency versioned (pkg-perl)
  • #903173 – src:get-flash-videos: "get-flash-videos: FTBFS in buster/sid (dh_installdocs: Cannot find "README")"
    fix name in .docs (pkg-perl)
  • #903178 – src:libclass-insideout-perl: "libclass-insideout-perl: FTBFS in buster/sid (dh_installdocs: Cannot find "CONTRIBUTING")"
    fix name in .docs (pkg-perl)
  • #903456 – libbio-tools-phylo-paml-perl: "libbio-tools-phylo-paml-perl: fails to upgrade from 'stable' to 'sid' - trying to overwrite /usr/share/man/man3/Bio::Tools::Phylo::PAML.3pm.gz"
    upload package fixed by carandraug (pkg-perl)
  • #904737 – src:uwsgi: "uwsgi: FTBFS: unable to build gccgo plugin"
    update build dependencies, upload to DELAYED/5
  • #904740 – src:libtext-bidi-perl: "libtext-bidi-perl: FTBFS: 'fribidi_uint32' undeclared"
    apply patch from CPAN RT (pkg-perl)
  • #904858 – src:libtickit-widget-tabbed-perl: "libtickit-widget-tabbed-perl: Incomplete debian/copyright?"
    fix d/copyright (pkg-perl)
  • #905614 – src:license-reconcile: "FTBFS: Failed test 'no warnings' with libsoftware-license-perl 0.103013-2"
    apply patch from Felix Lechner (pkg-perl)
  • #906482 – src:libgit-raw-perl: "libgit-raw-perl: FTBFS in buster/sid (failing tests)"
    patch test (pkg-perl)
  • #908323 – src:libgtk3-perl: "libgtk3-perl: FTBFS: t/overrides.t failure"
    add patch and versioned (build) dependency (pkg-perl)
  • #909343 – src:libcatalyst-perl: "libcatalyst-perl: fails to build with libmoosex-getopt-perl 0.73-1"
    upload new upstream release (pkg-perl)
  • #910943 – libhtml-tidy-perl: "libhtml-tidy-perl: FTBFS (test failures) with tidy-html5 5.7"
    add patch (pkg-perl)
  • #912039 – src:libpetal-utils-perl: "libpetail-utils-perl: FTBFS: Test failures"
    add missing build dependency (pkg-perl)
  • #912045 – src:mb2md: "mb2md: FTBFS: Test failures"
    add missing build dependency (pkg-perl)
  • #914288 – src:libpgplot-perl: "libpgplot-perl: FTBFS and autopkgtest fail with new giza-dev: test waits for input"
    disable interactive tests (pkg-perl)
  • #915096 – src:libperl-apireference-perl: "libperl-apireference-perl: Missing support for perl 5.28.1"
    add support for perl 5.28.1 (pkg-perl)

let's see how the weekend goes.

Michal Čihař: Weblate 3.3

Planet Debian - Pre, 30/11/2018 - 3:00md

Weblate 3.3 has been released today. The most visible new feature are component alerts, but there are several other improvements as well.

Full list of changes:

  • Added support for component and project removal.
  • Improved performance for some monolingual translations.
  • Added translation component alerts to highlight problems with a translation.
  • Expose XLIFF unit resname as context when available.
  • Added support for XLIFF states.
  • Added check for non writable files in DATA_DIR.
  • Improved CSV export for changes.

If you are upgrading from older version, please follow our upgrading instructions.

You can find more information about Weblate on https://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. Weblate is also being used on https://hosted.weblate.org/ as official translating service for phpMyAdmin, OsmAnd, Turris, FreedomBox, Weblate itself and many other projects.

Should you be looking for hosting of translations for your project, I'm happy to host them for you or help with setting it up on your infrastructure.

Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far! The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

Filed under: Debian English SUSE Weblate

Jonathan Dowland: glBSP

Planet Debian - Pre, 30/11/2018 - 11:59pd

Continuing a series of blog posts about Debian packages I have adopted (Previously: smartmontools; duc), in January this year I also adopted glBSP.

I was surprised to see glBSP come up for adoption; I found out when I was installing something entirely unrelated, thanks to the how-can-i-help package. (This package is a great idea: it tells you about packages you have installed which are in danger of being removed from Debian, or have other interesting bugs filed against them. Give it a go!) glBSP is a dependency on another of my packages, WadC, so I adopted it fairly urgently.

glBSP is a node-building tool for Doom maps. A Map in Doom is defined in a handful of different lumps of data. The top-level, canonical data structures are relatively simple: THINGS is a list of things (type, coordinates, angle facing); VERTEXES is a list of points for geometry (X/Y coordinates); SECTORS define regions (light level, floor height and texture,…), etc. Map authoring tools can build these lumps of data relatively easily. (I've done it myself: I generate them all in liquorice, that I should write more about one day.)

During gameplay, Doom needs to answer questions such as: the player is at location (X,Y) and has made a noise. Can Monster Z hear that noise? Or: the player is at location (X,Y) at facing Z°, what walls need to be drawn? These decisions needed to be made very quickly on the target hardware of 1993 (a 486 CPU) in order to maintain the desired frame-rate (35fps). To facilitate this, various additional data structures are derived from the canonical lumps. glBSP is one of a class of tools called node builders that calculate these extra lumps. The name "node-builder" comes from one of the lumps (NODES), which encodes a binary-space partition of the map geometry (and that's where "BSP" comes from).

If you would be interested to know more about these algorithms (and they are fascinating, honest!), I recommend picking up Fabien Sanglard's forthcoming book "Game Engine Black Book: DOOM". You can pre-order an ebook from Google Play here. It will be available as a physical book (and ebook) via Amazon on publication date, which will be December 10, marking Doom's 25th anniversary.

The glBSP package could do with some work to bring it up to the modern standards and conventions of Debian packages. I haven't bothered to do that, because I'm planning to replace it with another node-builder. glBSP is effectively abandoned upstream. There are loads of other node builders that could be included: glBSP and Eureka author Andrew Apted started a new one called AJBSP, and my long-time friend Kim Roar Foldøy Hauge has one called zokumbsp. The best candidate as an all-round useful node-builder is probably ZDBSP, which was originally developed as an internal node-builder for the ZDoom engine, and was designed for speed. It also copes well with some torture-test maps, such as WadC's "choz.wl", which brought glBSP to its knees. I've submitted a package of ZDBSP to Debian and I'm waiting to see if it is accepted by the FTP masters. After that, we could consider removing glBSP.

Molly de Blanc: Free software activities (November, 2018)

Planet Debian - Enj, 29/11/2018 - 11:54md

Welcome to what is the first and may or may not be the last monthly summary of my free software activities.

November was a good month for me, heavily laden with travel. Conferences and meetings took me to Seattle, WA (USA) and Milano and Bolzano in Italy. I think of my activities as generally focusing on “my” projects — that is to say, representing my own thoughts and ideas, rather than those of my employer or associated projects.

In addition to using my free time to work on free and open source software and related issues, my day job is at the Free Software Foundation. I included highlights from my past month at the FSF. This feels a little bit like cheating.

November Activities (personal)
  • I keynoted the Seattle GNU/Linux festival (SeaGL), delivering a talk entitled “Insecure connections: Love and mental health in our digital lives.” Slides are available on GitLab.
  • Attended an Open Source Initiative board meeting in Milan, Italy.
  • Spoke at SFScon in Bolzano, Italy, giving a talk entitled “User freedom: A love Story.” Slides forthcoming. For this talk, I created a few original slides, but largely repurposed images from “Insecure connections.”
  • I made my first quantative Debian contribution, in which I added the Open Source Initiative to the list of organizations to which Debian is a member.
  • Submitted sessions to the Community and the Legal and Policy devrooms at FOSDEM. #speakerlife
  • Reviewed session proposals for CopyLeft Conf, for which I am on the paper’s committee.
  • I helped organize a $15,000 match donation for the Software Freedom Conservancy.
Some highlights from my day job

Daniel Pocock: Connecting software freedom and human rights

Planet Debian - Enj, 29/11/2018 - 11:04md

2018 is the 70th anniversary of the Universal Declaration of Human Rights.

Over the last few days, while attending the UN Forum on Business and Human Rights, I've had various discussions with people about the relationship between software freedom, business and human rights.

In the information age, control of the software, source code and data translates into power and may contribute to inequality. Free software principles are not simply about the cost of the software, they lead to transparency and give people infinitely more choices.

Many people in the free software community have taken a particular interest in privacy, which is Article 12 in the declaration. The modern Internet challenges this right, while projects like TAILS and Tor Browser help to protect it. The UN's 70th anniversary slogan Stand up 4 human rights is a call to help those around us understand these problems and make effective use of the solutions.

We live in a time when human rights face serious challenges. Consider censorship: Saudi Arabia is accused of complicity in the disappearance of columnist Jamal Khashoggi and the White House is accused of using fake allegations to try and banish CNN journalist Jim Acosta. Arjen Kamphuis, co-author of Information Security for Journalists, vanished in mysterious circumstances. The last time I saw Arjen was at OSCAL'18 in Tirana.

For many of us, events like these may leave us feeling powerless. Nothing could be further from the truth. Standing up for human rights starts with looking at our own failures, both as individuals and organizations. For example, have we ever taken offense at something, judged somebody or rushed to make accusations without taking time to check facts and consider all sides of the story? Have we seen somebody we know treated unfairly and remained silent? Sometimes it may be desirable to speak out publicly, sometimes a difficult situation can be resolved by speaking to the person directly or having a meeting with them.

Being at the United Nations provided an acute reminder of these principles. In parallel to the event, the UN were hosting a conference on the mine ban treaty and the conference on Afghanistan, the Afghan president arriving as I walked up the corridor. These events reflect a legacy of hostilities and sincere efforts to come back from the brink.

A wide range of discussions and meetings

There were many opportunities to have discussions with people from all the groups present. Several sessions raised issues that made me reflect on the relationship between corporations and the free software community and the risks for volunteers. At the end of the forum I had a brief discussion with Dante Pesce, Chair of the UN's Business and Human Rights working group.

Best free software resources for human rights?

Many people at the forum asked me how to get started with free software and I promised to keep adding to my blog. What would you regard as the best online resources, including videos and guides, for people with an interest in human rights to get started with free software, solving problems with privacy and equality? Please share them on the Libre Planet mailing list.

Let's not forget animal rights too

Are dogs entitled to danger pay when protecting heads of state?

Bits from Debian: Debian welcomes its new Outreachy intern

Planet Debian - Enj, 29/11/2018 - 8:15md

Debian continues participating in Outreachy, and we'd like to welcome our new Outreachy intern for this round, lasting from December 2018 to March 2019.

Anastasia Tsikoza will work on Improving the integration of Debian derivatives with the Debian infrastructure and the community, mentored by Paul Wise and Raju Devidas.

Congratulations, Anastasia, and welcome!

From the official website: Outreachy provides three-month internships for people from groups traditionally underrepresented in tech. Interns work remotely with mentors from Free and Open Source Software (FOSS) communities on projects ranging from programming, user experience, documentation, illustration and graphical design, to data science.

The Outreachy programme is possible in Debian thanks to the efforts of Debian developers and contributors who dedicate their free time to mentor students and outreach tasks, and the Software Freedom Conservancy's administrative support, as well as the continued support of Debian's donors, who provide funding for the internships.

Join us and help extend Debian! You can follow the work of the Outreachy interns reading their blogs (they are syndicated in Planet Debian), and chat with us in the #debian-outreach IRC channel and mailing list.

Russ Allbery: Review: The Blind Side

Planet Debian - Enj, 29/11/2018 - 6:25pd

Review: The Blind Side, by Michael Lewis

Publisher: W.W. Norton & Company Copyright: 2006, 2007 Printing: 2007 ISBN: 0-393-33047-8 Format: Trade paperback Pages: 339

One of the foundations of Michael Lewis's mastery of long-form journalism is that he is an incredible storyteller. Given even dry topics of interest (baseball statistics, bond trading, football offensive lines), he has an uncanny knack for finding memorable characters around which to tell a story, and uses their involvement as the backbone of a clear explanation of complex processes or situations. That's why one of the surprises of The Blind Side is that Lewis loses control of his material.

The story that Lewis wants to tell is the development of the left tackle position in professional football. The left tackle is the player on the outside of the offensive line on the blind side of a right-handed quarterback. The advent of the west-coast offense with its emphasis on passing plays, and the corresponding development of aggressive pass rushers in the era of Lawrence Taylor, transformed that position from just another member of the most anonymous group of people in football into one of the most highly-paid positions on the field. The left tackle is the person most responsible for stopping a pass rush.

Lewis does tell that story in The Blind Side, but every time he diverts into it, the reader is left tapping their foot in frustration and wishing he'd hurry up. That's because the other topic of this book, the biographical through line, is Michael Oher, and Michael Oher the person is so much more interesting than anything Lewis has to say about football that the football parts seem wasted.

I'm not sure how many people will manage to read this book without having the details of Oher's story spoiled for them first, particularly given there's also a movie based on this book, but I managed it and loved the unfolding of the story. I'm therefore going to leave out most of the specifics to avoid spoilers. But the short version is that Oher was a sometimes-homeless, neglected black kid with incredible physical skills but almost no interaction with the public school system who ended up being adopted as a teenager by a wealthy white family. They help him clear the hurdles required to play NCAA football.

That's just the bare outline. It's an amazing story, and Lewis tells it very well. I had a hard time putting this book down, and rushed through the background chapters on the evolution of football to get back to more details about Oher. But, as much as Lewis tries to make this book a biography of Oher himself, it's really not. As Lewis discloses at the end of this edition, he's a personal friend of Sean Tuohy, Oher's adoptive father. Oher was largely unwilling to talk to Lewis about his life before he met the Tuohys. Therefore, this is, more accurately, the story of Oher as seen from the Tuohys' perspective, which is not quite the same thing.

There are so many pitfalls here that it's amazing Lewis navigates them as well as he does, and even he stumbles. There are stereotypes and pieces of American mythology lurking everywhere beneath this story, trying to make the story snap to them like a guiding grid: the wealthy white family welcoming in the poor black kid, the kid with amazing physical talent who is very bad at school, the black kid with an addict mother, the white Christian school who takes him in, the colleges who try to recruit him... you cannot live in this country without strong feelings about all of these things. Nestled next to this story like landmines are numerous lies that white Americans tell themselves to convince themselves that they're not racist. I could feel the mythological drag on this story trying to make Oher something he's not, trying to make him fit into a particular social frame. It's one of the reasons why I doubt I'll ever see the movie: it's difficult to imagine a movie managing to avoid that undertow.

To give Lewis full credit, he fights to keep this story free of its mythology every step of the way, and you can see the struggle in the book. He succeeds best at showing that Oher is not at all dumb, but instead is an extremely intelligent teenager who was essentially never given an opportunity to learn. He also provides a lot of grounding and nuance to Oher's relationship with the Tuohys. They're still in something of a savior role, but it seems partly deserved. And, most importantly, he's very open about the fact that Oher largely didn't talk to anyone about his past, including Lewis, so except for a chapter near the end laying out the information Lewis was able to gather, it's mostly conjecture on the part of the Tuohys and others.

But there is so much buried here, so many fault lines of US society, so many sharp corners of racism and religion and class, that Oher's story just does not fit into Lewis's evolution-of-football narrative. It spills out of the book, surfaces deep social questions that Lewis barely touches on, and leaves so many open questions (including Oher's own voice). One major example: Briarcrest Christian School, the high school Oher played for and the place where he was discovered as a potential NCAA and later professional football player, is a private high school academy formed in 1973 after the desegregation of Memphis schools as a refuge for the children of white supremacists. Lewis describes Oher's treatment as one of only three black children at the school as positive; I can believe that because three kids out of a thousand plays into one kind of narrative. Later, Lewis mentions in passing that the school balked at the applications of other black kids once Oher became famous, and one has to wonder how that might change the narrative for the school's administration and parents. There's a story there that's left untold, and might not be as positive as Oher's reception.

Don't get me wrong: these aren't truly flaws in Lewis's book, because he's not even trying to tell that story. He's telling the story of one exceptional young man who reached college football through a truly unusual set of circumstances, and he tells that story well. I just can't help but look for systems in individual stories, to look for institutions that should have been there for Oher and weren't. Once I started looking, the signs of systemic failures sit largely unremarked beneath nearly every chapter. Maybe this is a Rorschach test of political analysis: do you see an exceptional person rising out of adversity through human charity, or a failure of society that has to be patched around by uncertain chance that, for most people, will fail without ever leaving a trace?

The other somewhat idiosyncratic reaction I had to this book, and the reason why I've put off reading it for so long, is that I now find it hard to read about football. While I've always been happy to watch nearly any sport, football used to be my primary sport as a fan, the one I watched every Sunday and most Saturdays. As a kid, I even kept my own game statistics from time to time, and hand-maintained team regular season standings. But somewhere along the way, the violence, the head injuries, and the basic incompatibility between the game as currently played and any concept of safety for the players got to me. I was never someone who loved the mud and the blood and the aggression; I grew up on the west coast offense and the passing game and watched football for the tactics. But football is an incredibly violent sport, and the story of quarterback sacks, rushing linebackers, and the offensive line is one of the centers of that violence. Lewis's story opens with Joe Theismann's leg injury in 1985, which is one of the most horrific injuries in the history of sport. I guess I don't have it in me to get excited about a sport that does things like that to its players any more.

I think The Blind Side is a bit of a mess as a book, but I'm still very glad that I read it. Oher's story, particularly through Lewis's story-telling lens, is incredibly compelling. I'm just also wary of it, because it sits slightly askew on some of the deepest fault lines in American society, and it's so easy for everyone involved to read things into the story that are coming from that underlying mythology rather than from Oher himself. I think Lewis fought through this whole book to not do that; I think he mostly but did not entirely succeed.

The Tuohys have their own related book (In a Heartbeat), written with Sally Jenkins, that's about their philosophy of giving and charity and looks very, very Christian in a way that makes me doubtful that it will shine a meaningful light on any of the social fault lines that Lewis left unaddressed. But Oher, with Don Yaeger, has written his own autobiography, I Beat the Odds, and that I will read. Given how invested I got in his story through Lewis, I feel an obligation to hear it on his own terms, rather than filtered through well-meaning white people.

I will cautiously recommend this book because it's an amazing story and Lewis tries very hard to do it justice. But I think this is a book worth reading carefully, thinking about who we're hearing from and who we aren't, and looking critically at the things Lewis leaves unsaid.

Rating: 7 out of 10

Norbert Preining: OneDrive and directory junctions sync problems

Planet Debian - Enj, 29/11/2018 - 2:07pd

With Dropbox’s end of Linux support I have been on the search for alternatives, as I will quit my Dropbox contract and need to move considerable data to a different provider. Since I am also a Office365 subscriber I get 1Tb of free OneDrive space, which should be usable. With recent updates of the onedrive package in Debian I am maintaining, using it instead of Dropbox has become a feasible alternative. I also started to use OneDrive extensively on the Windows side to sync my Desktop, documents, and my GPS and Map data (history of 20 years of GPS tracks and loads of maps). Advertised all over the internet (eg here, here, here) is a method to use directory junctions to link arbitrary folders by creating a junction in the OneDrive folder that links to the original folder.

As it turns out, this does not work as expected: Assume the following setup

  • There is a folder c:\MyFolder
  • A junction in %UserProfile%\OneDrive\MyFolder pointing to c:\MyFolder

and create a file c:\MyFolder\test.txt. This file is kept in a pending synchronization state and is not properly uploaded to the server.

One can trigger the upload by various methods:

  • pause and restart syncing
  • change/create any file in %UserProfile%\OneDrive\

If a sync is triggered by one of the above, also the pending changes in c:\MyFolder are uploaded, but NOT otherwise.

This did hit me several times because I preferred to have the main folders not in the OneDrive directory, but in their original location. Experimentation turned out that if you do the link source and target switch, so that the actual folder is in the OneDrive directory, and the directory junction wherever you need it, files are correctly synchronized.

For those having the wrong setup already, the following steps allow to switch the direction without triggering a full resync:

  • Wait until OneDrive has synced completely, then exit the program from the notification area;
  • remove the junction with rmdir, this will not remove the original directory;
  • move the original directory into the OneDrive folder;
  • recreate the junction with mklink /j c:\MyFolder %UserProfile%\OneDrive\MyFolder;
  • restart OneDrive.

This should bring you back to fully synchronized state in a very short time, and further changes in either the OneDrive folder or the directory junction will immediately trigger a file sync operation.

Dirk Eddelbuettel: RcppArmadillo 0.9.200.5.0

Planet Debian - Mër, 28/11/2018 - 11:50pd

A new RcppArmadillo release arrived at CRAN overnight. The version 0.9.200.5.0 is a minor upgrade and based on the new Armadillo bugfix release 9.200.5 from yesterday. I also just uploaded the Debian version.

Armadillo is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 539 other packages on CRAN.

This release just brings one upstream bug fix, see below for details.

Changes in RcppArmadillo version 0.9.200.5.0 (2018-11-09)
  • Upgraded to Armadillo release 9.200.5 (Carpe Noctem)

Courtesy of CRANberries, there is a diffstat report relative to previous release. More detailed information is on the RcppArmadillo page. Questions, comments etc should go to the rcpp-devel mailing list off the R-Forge page.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Daniel Lange: Security is hard, open source security unnecessarily harder

Planet Debian - Mër, 28/11/2018 - 11:23pd

Now it is a commonplace that security is hard. It involves advanced mathematics and a single, tiny mistake or omission in implementation can spoil everything.

And the only sane IT security can be open source security. Because you need to assess the algorithms and their implementation and you need to be able to completely verify the implementation. You simply can't if you don't have the code and can compile it yourself to produce a trusted (ideally reproducible) build. A no-brainer for everybody in the field.

But we make it unbelievably hard for people to use security tools. Because these have grown over decades fostered by highly intelligent people with no interest in UX.
"It was hard to write, so it should be hard to use as well."
And then complain about adoption.

PGP / gpg has received quite some fire this year and the good news is this has resulted in funding for the sole gpg developer. Which will obviously not solve the UX problem.

But the much worse offender is OpenSSL. It is so hard to use that even experienced hackers fail.

Now, securely encrypting a mass communication media like IRC is not possible at all. Read Trust is not transitive: or why IRC over SSL is pointless1.
Still it makes wiretapping harder and that may be a good thing these days.

LibreSSL has forked the OpenSSL code base "with goals of modernizing the codebase, improving security, and applying best practice development processes". No UX improvement. A cleaner code for the chosen few. Duh.

I predict the re-implementations and gradual improvement scenarios will fail. The nearly-impossible-to-use-right situation with both gpg and (much more importantly) OpenSSL cannot be fixed by gradual improvements and however thorough code reviews.

Now the "there's an App for this" security movement won't work out on a grand scale either:

  1. Most often not open source. Notable exceptions: ChatSecure, TextSecure.
  2. No reference implementations with excellent test servers and well documented test suites but products. "Use my App.", "No, use MY App!!!".
  3. Only secures chat or email. So the VC-powered ("next WhatsApp") mass-adoption markets but not the really interesting things to improve upon (CA, code signing, FDE, ...).
  4. While everybody is focusing on mobile adoption the heavy lifting is still on servers. We need sane libraries and APIs. No App for that.

So we need a new development, a new code, a new open source product. Sadly so the Core Infrastructure Initiative so far only funds existing open source projects in dire needs and people bug hunting.

It basically makes the bad solutions of today a bit more secure and ensures maintenance of decade old crufty code bases. That way it extends the suffering of everybody using the inadequate solutions of today.

That's inevitable until we have a better stack but we need to look into getting rid of gpg and OpenSSL and replacing it with something new. Something designed well from the ground up, technically and from a user experience perspective.

Now who's in for a five year funding plan? $2m annually. ROCE 0. But a very good chance to get the OBE awarded.

Updates:

28.11.18: Changed the Quakenet link on why encrypting IRC is useless to an archive.org one as they have removed the original content.

13.03.17: Chris Wellons writes about why GPG is a failure and created a small portable application Enchive to replace it for asymmetric encryption.

24.02.17: Stefan Marsiske has written a blog article: On PGP. He argues about adversary models and when gpg is "probably" 2 still good enough to use. To me a security tool can never be a sane choice if the UI is so convoluted that only a chosen few stand at least a chance of using it correctly. Doesn't matter who or what your adversary is.
Stefan concludes his blog article:

PGP for encryption as in RFC 4880 should be retired, some sunk-cost-biases to be coped with, but we all should rejoice that the last 3-4 years had so much innovation in this field, that RFC 4880 is being rewritten[Citation needed] with many of the above in mind and that hopefully there'll be more and better tools. [..]

He gives an extensive list of tools he considers worth watching in his article. Go and check whether something in there looks like a possible replacement for gpg to you. Stefan also gave a talk on the OpenPGP conference 2016 with similar content, slides.

14.02.17: James Stanley has written up a nice account of his two hour venture to get encrypted email set up. The process is speckled with bugs and inconsistent nomenclature capable of confusing even a technically inclined person. There has been no progress in the last ~two years since I wrote this piece. We're all still riding dead horses. James summarizes:

Encrypted email is nothing new (PGP was initially released in 1991 - 26 years ago!), but it still has a huge barrier to entry for anyone who isn't already familiar with how to use it.

04.09.16: Greg Kroah-Hartman ends an analysis of the Evil32 PGP keyid collisions with:

gpg really is horrible to use and almost impossible to use correctly.

14.11.15:
Scott Ruoti, Jeff Andersen, Daniel Zappala and Kent Seamons of BYU, Utah, have analysed the usability [local mirror, 173kB] of Mailvelope, a webmail PGP/GPG add-on based on a Javascript PGP implementation. They describe the results as "disheartening":

In our study of 20 participants, grouped into 10 pairs of participants who attempted to exchange encrypted email, only one pair was able to successfully complete the assigned tasks using Mailvelope. All other participants were unable to complete the assigned task in the one hour allotted to the study. Even though a decade has passed since the last formal study of PGP, our results show that Johnny has still not gotten any closer to encrypt his email using PGP.
  1. Quakenet has removed that article citing "near constant misrepresentation of the presented argument" sometime in 2018. The contents (not misrepresented) are still valid so I have added and archive.org Wayback machine link instead. 

  2. Stefan says "probably" five times in one paragraph. Probably needs an editor. The person not the application. 

Reproducible builds folks: Reproducible Builds: Weekly report #187

Planet Debian - Mar, 27/11/2018 - 1:40md

Here’s what happened in the Reproducible Builds effort between Sunday November 18 and Saturday November 24 2018:

Packages reviewed and fixed, and bugs filed Test framework development

There were a number of updates to our Jenkins-based testing framework that powers tests.reproducible-builds.org this week, including:

  • Chris Lamb:
    • Add support for calculating a PureOS package set. []
  • Eli Schwartz:
    • Provide an even-better explanation for a sed(1) command in the Archlinux support. []
  • Jelle van der Waa:
    • Set LANG/LC_ALL in build 1 in the Archlinux support. []
  • Niko Tyni:
  • Simon McVittie:
  • Holger Levsen:
    • Explicitly also install GnuPG. []
    • Perform some node maintenance. []
    • reviewed, merged and deployed the above commits.

This week’s edition was written by Bernhard M. Wiedemann, Chris Lamb, Vagrant Cascadian & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.

Norbert Preining: Onyx Boox Firmware 2.0

Planet Debian - Mar, 27/11/2018 - 5:19pd

Onyx Boox Note is a great device for reading, writing, note taking. I have written about my first impressions with this device here, and since then I have used the device heavily. I don’t even remember when I last took my Kobo GloHD in hand since I got the Boox. Onyx has announced a new firmware version (2.0) with a flashy video. The firmware is not generally available, but a hint in the forums tells that switching to Chinese will get you the latest firmware.

Well, I have tried it, and after installation of the latest version switched back to English. Here are my experiences with the new firmware.

The new library page (front page) has changed considerably. Instead of the big cover of the last read book and much smaller covers of the recently read books, all are arranged in the same size. Further information like the format of the book and the progress are overlaid on top of the cover. The icons on the top right allow for filtering, searching, creation of sub-libraries (folders). The bottom shows the total number of books and libraries. I prefer this layout a lot over the previous as it gives me immediate access to most of the recently read books.

There is a new shop available, but for now it seems most books are in Chinese only, which doesn’t help me a lot. I haven’t really checked out and searched books there for now, but I guess over time and with the general availability of the firmware in the next months better support for (at least) English books is to be expected. There is also a new AppStore (link to image) but again, most of the apps are in Chinese so not very helpful. I hope that in the similar vein with the above, a global release will improve this situation.

The storage page is quite bare, a simple file manager. I don’t think anything has changed from the previous firmware. One can explore the content of the device, copy/move/delete files etc. All very much in usual Android style.

The application page (not shown here, link to image) hasn’t changed a lot, but allows now for per-app optimization as shown on the left. There is an Onyx-specific app store with applications optimized for the Boox devices, but most apps installed via Google Play (or any other method) aren’t optimized. This screen seems to allow for various tweaks to optimize appearance of apps that are not made for grey-scale screens. I haven’t used many of the non-native apps by now, though.

The settings screen got a complete renewal with several new items appearing there.

Most of the items are no new functionality, but there is one new seriously niWell, I have tried it, and after installation of the latest version switched back to English. Here are my experiences with the new firmware.ce feature – synchronization of notes taken. There are several providers, most importantly Dropbox and some Chinese typical services. And with Wifi on the notes are saved nicely into my Dropbox account, which makes the tedious connecting to computer and copying a thing of the past. Thanks!

Let us finally go to the Notes application, which got the biggest update in this round. The entry page of the application hasn’t changed a lot, allowing for sorting of notes, creation of folders etc.

What is interesting is the ability to edit hand-written notes: select, copy, paste, resize, transform. It allows also to type text everywhere (see the teaser video linked at the top for details). Another feature that is presented in the teaser video is the text recognition and search in the content of hand-written notes. I have tried this a few times, but it seems my hand-writing is so bad that it wasn’t recognized.

The Notes application got a lot of new settings, most prominently the AI recognition settings which allows selecting the main language of hand-writing recognition. The language support seems to be impressive, including Japanese, but as I said, I didn’t manage by now to actually get it to find one of my notes. Another item is that search takes quite some time to go through all notes. Maybe only the first time, though.

One last new feature I found while digging through the menus is a Wifi Hotspot to allow for up/download of files from mobiles or other Wifi client devices. Not sure whether I will have use for it, but it might be a nice way to share books to friends without using a computer.

All in all I think after some polishing (the English translations are currently horrible at times) and bug fixing, this firmware is a great addition and step forward for the Onyx devices. There is only one really strange thing I experienced during the upgrade to version 2.0, namely that some of my books got corrupted during the process, and the NeoReader couldn’t open them anymore. I have no idea why some books were affected and some not, but it is not a matter of format I found. Removing them from the device and reloading them from Calibre fixed these problems.

Last comment for today: during writing this blog I switched to Chinese again and got a new version via OTA update (2018-11-22_10-36_2.0.3dcbcf5). Not sure what has changed, though.

Daniel Pocock: UN Forum on Business and Human Rights

Planet Debian - Hën, 26/11/2018 - 12:42md

This week I'm at the UN Forum on Business and Human Rights in Geneva.

What is the level of influence that businesses exert in the free software community? Do we need to be more transparent about it? Does it pose a risk to our volunteers and contributors?

Norbert Preining: On Lars Wirzenius, Fun, and Debian

Planet Debian - Hën, 26/11/2018 - 3:20pd

Some time ago I got flamed by Lars Wirzenius, because I dared to write on my blog

The last point by Linus is what I criticize most on Debian nowdays, it has become a sterilized over-governed entity, where most fun is gone.

One of the things he said was

I do feel it is important to make it clear to the people reading Planet Debian, where both Preining’s and my blogs are published, that his opinions are not mainstream in the Debian project, and that despite what he says, Debian development continues to be fun.
– Lars Wirzenius, On Norbert Preining, Sarah Sharp, and Debian

Well, as it turned out he got tired of Debian and doesn’t consider it fun anymore:

I’ve had a rough year, and Debian has also stopped being fun for me.
– Lars Wirzenius, Retiring from Debian

Times are a changin‘! Despite the difference of our opinions, thanks for your hard work on Debian!

Dirk Eddelbuettel: RQuantLib 0.4.6: Updated upstream, and calls for help

Planet Debian - Hën, 26/11/2018 - 12:42pd

The new 0.4.6 release of RQuantLib arrived on CRAN and Debian earlier today. It is two-fold update: catching up QuantLib 1.14 while also updating to Boost 1.67 (and newer).

A special thanks goes to Josh for updating to the binary windows library in the rwinlib repository allowing us a seamless CRAN update.

The package needs some help, though. There are two open issues. First, while it builds on Windows, many functions currently throw errors. This may be related to upstream switching to a choice of C++11 or Boost smart pointers though this throws no spanners on Linux. So it may simply be that some of the old curve-building code shows its age. It could also be something completely different—but we need something with a bit of time, debugging stamina, at least a little C++ knowledge and a working Windows setup for testing. I have a few of the former attributes and can help, but no suitable windows (or mac, see below) machine. If you are, or can be, the person to help on Windows, please get in touch at this issue ticket.

Second, we simply have no macOS build. Simon has a similar binary repo but no time himself to work on building QuantLib for macOS with the required R-compatible toolchains. If you are on macOS, care about RQuantLib, and know how to build R packages (and how to deal with compilers etc in general) please consider helping. A little more is at this issue ticket.

Otherwise, this release was mostly about internal plus a little helper for holidays. The complete set of changes is listed below:

Changes in RQuantLib version 0.4.6 (2018-11-25)
  • Changes in RQuantLib code:

    • The code was updated for release 1.14 of QuantLib.

    • The code was updated for Boost 1.67 or later (#120 fixing #119).

    • Fewer examples and tests are running on Windows.

    • Several bond prixing examples corrected to use dayCounter.

    • Two new functions were added to add and remove (custom) holidays (#115).

    • The continuous integration setup was rewritten for containers.

Courtesy of CRANberries, there is also a diffstat report for the this release. As always, more detailed information is on the RQuantLib page. Questions, comments etc should go to the rquantlib-devel mailing list off the R-Forge page. Issue tickets can be filed at the GitHub repo.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Bálint Réczey: Migrating from Bazaar to Git on Launchpad just got easier!

Planet Debian - Sht, 24/11/2018 - 11:48md

Debian recently switched from Alioth to Salsa offering only Git hosting from now on and that simplifies the work of exiting contributors and also helps newcomers who are most likely already familiar with Git if they know at least one version control system. (Thanks to everyone involved in the transition!)

On Ubuntu’s side, most Ubuntu-specific packages and big part of Ubuntu’s infrastructure used to be maintained in Bazaar repositories in the past. Since then Git became the most widely used version control system but the Bazaar repositories did not fully disappear.

There are still hundreds of packages maintained in Bazaar in Ubuntu (packaging repositories in Bazaar by team) and Debian (lintian report) and maintaining them in Git instead could be easier in the long term.

Launchpad already supports Git and there are guidelines for converting Bazaar repositories to Git (1,2),  but if you would like to make the switch I suggest taking a look at bzr-git-mass-convert based on bzr fast-export (verifying the result with git-remote-bzr). It is a simple tool for merging multiple Bazaar branches to a single git repository set up for pushing it back to Launchpad.

We (at the Foundations Team) use it for migrating our repositories and there is also a wiki page for tracking the migration schedule of popular repositories.

Balint Reczey: Migrating from Bazaar to Git on Launchpad just got easier!

Planet Ubuntu - Sht, 24/11/2018 - 11:48md

Debian recently switched from Alioth to Salsa offering only Git hosting from now on and that simplifies the work of exiting contributors and also helps newcomers who are most likely already familiar with Git if they know at least one version control system. (Thanks to everyone involved in the transition!)

On Ubuntu’s side, most Ubuntu-specific packages and big part of Ubuntu’s infrastructure used to be maintained in Bazaar repositories in the past. Since then Git became the most widely used version control system but the Bazaar repositories did not fully disappear.

There are still hundreds of packages maintained in Bazaar in Ubuntu (packaging repositories in Bazaar by team) and Debian (lintian report) and maintaining them in Git instead could be easier in the long term.

Launchpad already supports Git and there are guidelines for converting Bazaar repositories to Git (1,2),  but if you would like to make the switch I suggest taking a look at bzr-git-mass-convert based on bzr fast-export (verifying the result with git-remote-bzr). It is a simple tool for merging multiple Bazaar branches to a single git repository set up for pushing it back to Launchpad.

We (at the Foundations Team) use it for migrating our repositories and there is also a wiki page for tracking the migration schedule of popular repositories.

Dirk Eddelbuettel: RcppEigen 0.3.3.5.0

Planet Debian - Sht, 24/11/2018 - 11:39md

Another minor release 0.3.3.5.0 of RcppEigen arrived on CRAN today (and just went to Debian too) bringing support for Eigen 3.3.5 to R.

As we now carry our small set of patches to Eigen as diff in our repo, it was fairly straightforward to bring these few changes to the new upstream version. I added one trivial fix of changing a return value to void as this is also already in the upstream repo. Other than that, we were fortunate to get two nice and focussed PRs since the last release. Ralf allowed us to use larger index values by using R_xlen_t, and Michael corrected use of RcppArmadillo in a benchmarking example script.

Next, it bears repeating what we said in February when we release 0.3.3.4.0:

One additional and recent change was the accomodation of a recent CRAN Policy change to not allow gcc or clang to mess with diagnostic messages. A word of caution: this may make your compilation of packages uses RcppEigen very noisy so consider adding -Wno-ignored-attributes to the compiler flags added in your ~/.R/Makevars.

It’s still super-noise, but hey, CRAN made us do it …

The complete NEWS file entry follows.

Changes in RcppEigen version 0.3.3.5.0 (2018-11-24)
  • Updated to version 3.3.5 of Eigen (Dirk in #65)

  • Long vectors are now supported via R_xlen_t (Ralf Stubner in #55 fixing #54).

  • The benchmarking example was updated in its use of RcppArmadillo (Michael Weylandt in #56).

Courtesy of CRANberries, there is also a diffstat report for the most recent release.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Faqet

Subscribe to AlbLinux agreguesi